CVE-2005-4807

NameCVE-2005-4807
DescriptionStack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severityhigh

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
binutils (PTS)stretch2.28-5fixed
buster2.31.1-16fixed
bullseye, sid2.35.2-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
binutilssource(unstable)2.17-1low

Notes

[sarge] - binutils <no-dsa> (Only a security-problems in far-fetched configurations)

Search for package or bug name: Reporting problems